When we connect to remote server using ssh, we may configure sshd and restart sshd.service to make configurations effective. But why our ssh session remains alive during the restart process?
pre-search
https://unix.stackexchange.com/questions/27636/how-does-ssh-connection-survive-a-network-restart
https://community.spiceworks.com/topic/2091374-restart-ssh-service-while-users-still-connected
basic conculsion: only the sshd demon restarts. ssh process handling current connection remains alive.
test
connect to a remote machine using ssh. then observe relevant PID.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 uniform64@VM-0-5-ubuntu:~$ ps aux | grep ssh root 38891 0.0 0.5 16912 10912 ? Ss 14:56 0:00 sshd: uniform64 [priv] uniform+ 38974 0.0 0.3 17180 7860 ? S 14:56 0:00 sshd: uniform64@pts/1 root 39142 0.0 0.4 15416 8776 ? Ss 14:57 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups uniform+ 39254 0.0 0.1 7004 2100 pts/1 S+ 14:58 0:00 grep --color=auto ssh uniform64@VM-0-5-ubuntu:~$ service sshd status ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2023-03-13 14:57:55 CST; 1min 18s ago Docs: man:sshd(8) man:sshd_config(5) Process: 39141 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) Main PID: 39142 (sshd) Tasks: 1 (limit : 2237) Memory: 1.7M CPU: 18ms CGroup: /system.slice/ssh.service └─39142 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"
use
pstree to have a better view
1 2 uniform64@VM-0-5-ubuntu:~$ pstree -p | grep sshd |-sshd(39142)---sshd(38891)---sshd(38974)---bash(38975)-+-grep(40880)
restart sshd service and observe relevant PID again
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 uniform64@VM-0-5-ubuntu:~$ service sshd status ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2023-03-13 15:03:35 CST; 2s ago Docs: man:sshd(8) man:sshd_config(5) Process: 39994 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) Main PID: 39995 (sshd) Tasks: 1 (limit : 2237) Memory: 1.7M CPU: 18ms CGroup: /system.slice/ssh.service └─39995 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups" uniform64@VM-0-5-ubuntu:~$ ps aux | grep ssh root 38891 0.0 0.5 16912 10912 ? Ss 14:56 0:00 sshd: uniform64 [priv] uniform+ 38974 0.0 0.3 17180 8032 ? S 14:56 0:00 sshd: uniform64@pts/1 root 39995 0.0 0.4 15416 8916 ? Ss 15:03 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups uniform+ 40044 0.0 0.1 7004 2124 pts/1 S+ 15:04 0:00 grep --color=auto ssh
use pstree to have a better view
1 2 3 uniform64@VM-0-5-ubuntu:~$ pstree -p | grep sshd |-sshd(38891)---sshd(38974)---bash(38975)-+-grep(40880) |-sshd(39995)
we observe that sshd(38891) and sshd(38947) remain alive after sshd service restart. then who is listening on port 22?
1 2 3 4 5 6 uniform64@VM-0-5-ubuntu:~$ sudo netstat -ltp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost:domain 0.0.0.0:* LISTEN 772/systemd-resolve tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 39995/sshd: /usr/sb tcp6 0 0 [::]:ssh [::]:* LISTEN 39995/sshd: /usr/sb
it's
39995, the current demon process. we have a comparsion of
pstree after reconnecting to the remote machine using ssh
1 2 3 uniform64@VM-0-5-ubuntu:~$ pstree -p | grep sshd |-sshd(38891)---sshd(38974)---bash(38975) |-sshd(39995)---sshd(46265)---sshd(46317)---bash(46318)-+-grep(47083)
HA! it should be pretty clear now how sshd demon creates instance for a incoming ssh connection and why current ssh survives in service restart.